Developing conventional network access control software is a time consuming activity. Developers need to understand all of the types of rules that customers want to use to control access. These rules usually come in the form of, for example, “if user X logs in from location Y at time Z, then user X gets ABC network access policy.” Conventional network access control software is procedural code and when the code does not cover a particular use case (e.g., a user is already logged in to one part of the network and is attempting to log into another part of the network), then developers must modify, test, and release code implementing a new rule to cover the use case.